From ff588497b3dfc3138c9ce005e9270ed5568c05df Mon Sep 17 00:00:00 2001 From: Jonathan Rajotte Date: Fri, 25 Sep 2020 16:35:28 -0400 Subject: [PATCH] credentials: uid and gid now use LTTNG_OPTIONAL MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The triggers will only use the uid element. Signed-off-by: Jonathan Rajotte Signed-off-by: Jérémie Galarneau Change-Id: Ia96e7def5ab560d9af1476920426635fc49f92ef --- src/bin/lttng-sessiond/action-executor.c | 13 +++-- src/bin/lttng-sessiond/cmd.c | 8 +-- src/bin/lttng-sessiond/consumer.c | 10 ++-- .../notification-thread-events.c | 35 +++++++----- src/bin/lttng-sessiond/rotate.c | 4 +- src/bin/lttng-sessiond/session.c | 4 +- src/bin/lttng-sessiond/ust-app.c | 47 ++++++++-------- src/bin/lttng-sessiond/ust-consumer.c | 2 +- src/common/compat/directory-handle.c | 19 +++---- src/common/credentials.c | 53 +++++++++++++++++-- src/common/credentials.h | 15 +++++- src/common/kernel-consumer/kernel-consumer.c | 4 +- src/common/trace-chunk.c | 4 +- src/common/ust-consumer/ust-consumer.c | 35 +++++++----- src/common/utils.c | 8 +-- 15 files changed, 168 insertions(+), 93 deletions(-) diff --git a/src/bin/lttng-sessiond/action-executor.c b/src/bin/lttng-sessiond/action-executor.c index fc7d03d70..ca9690743 100644 --- a/src/bin/lttng-sessiond/action-executor.c +++ b/src/bin/lttng-sessiond/action-executor.c @@ -113,22 +113,21 @@ static bool is_trigger_allowed_for_session(const struct lttng_trigger *trigger, { bool is_allowed = false; const struct lttng_credentials session_creds = { - .uid = session->uid, - .gid = session->gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(session->uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(session->gid), }; /* Can never be NULL. */ const struct lttng_credentials *trigger_creds = lttng_trigger_get_credentials(trigger); - is_allowed = (trigger_creds->uid == session_creds.uid) || - (trigger_creds->uid == 0); + is_allowed = (lttng_credentials_is_equal_uid(trigger_creds, &session_creds)) || + (lttng_credentials_get_uid(trigger_creds) == 0); if (!is_allowed) { - WARN("Trigger is not allowed to interact with session `%s`: session uid = %ld, session gid = %ld, trigger uid = %ld, trigger gid = %ld", + WARN("Trigger is not allowed to interact with session `%s`: session uid = %ld, session gid = %ld, trigger uid = %ld", session->name, (long int) session->uid, (long int) session->gid, - (long int) trigger_creds->uid, - (long int) trigger_creds->gid); + (long int) lttng_credentials_get_uid(trigger_creds)); } return is_allowed; diff --git a/src/bin/lttng-sessiond/cmd.c b/src/bin/lttng-sessiond/cmd.c index dc442035a..9a832b455 100644 --- a/src/bin/lttng-sessiond/cmd.c +++ b/src/bin/lttng-sessiond/cmd.c @@ -4265,8 +4265,8 @@ int cmd_register_trigger(struct command_ctx *cmd_ctx, int sock, struct lttng_trigger *trigger = NULL; struct lttng_payload trigger_payload; struct lttng_credentials cmd_creds = { - .uid = cmd_ctx->creds.uid, - .gid = cmd_ctx->creds.gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(cmd_ctx->creds.uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(cmd_ctx->creds.gid), }; lttng_payload_init(&trigger_payload); @@ -4337,8 +4337,8 @@ int cmd_unregister_trigger(struct command_ctx *cmd_ctx, int sock, struct lttng_trigger *trigger = NULL; struct lttng_payload trigger_payload; struct lttng_credentials cmd_creds = { - .uid = cmd_ctx->creds.uid, - .gid = cmd_ctx->creds.gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(cmd_ctx->creds.uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(cmd_ctx->creds.gid), }; lttng_payload_init(&trigger_payload); diff --git a/src/bin/lttng-sessiond/consumer.c b/src/bin/lttng-sessiond/consumer.c index 4bd9d80ab..115a46e2e 100644 --- a/src/bin/lttng-sessiond/consumer.c +++ b/src/bin/lttng-sessiond/consumer.c @@ -951,8 +951,10 @@ void consumer_init_ask_channel_comm_msg(struct lttcomm_consumer_msg *msg, assert(chunk_status == LTTNG_TRACE_CHUNK_STATUS_OK); LTTNG_OPTIONAL_SET(&msg->u.ask_channel.chunk_id, chunk_id); } - msg->u.ask_channel.buffer_credentials.uid = buffer_credentials->uid; - msg->u.ask_channel.buffer_credentials.gid = buffer_credentials->gid; + msg->u.ask_channel.buffer_credentials.uid = + lttng_credentials_get_uid(buffer_credentials); + msg->u.ask_channel.buffer_credentials.gid = + lttng_credentials_get_gid(buffer_credentials); msg->cmd_type = LTTNG_CONSUMER_ASK_CHANNEL_CREATION; msg->u.ask_channel.subbuf_size = subbuf_size; @@ -1930,9 +1932,9 @@ int consumer_create_trace_chunk(struct consumer_socket *socket, assert(domain_dirfd >= 0); msg.u.create_trace_chunk.credentials.value.uid = - chunk_credentials.uid; + lttng_credentials_get_uid(&chunk_credentials); msg.u.create_trace_chunk.credentials.value.gid = - chunk_credentials.gid; + lttng_credentials_get_gid(&chunk_credentials); msg.u.create_trace_chunk.credentials.is_set = 1; } diff --git a/src/bin/lttng-sessiond/notification-thread-events.c b/src/bin/lttng-sessiond/notification-thread-events.c index e01a00538..9e9a83888 100644 --- a/src/bin/lttng-sessiond/notification-thread-events.c +++ b/src/bin/lttng-sessiond/notification-thread-events.c @@ -1807,8 +1807,8 @@ int handle_notification_thread_command_session_rotation( struct lttng_trigger_list_element *trigger_list_element; struct session_info *session_info; const struct lttng_credentials session_creds = { - .uid = session_uid, - .gid = session_gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(session_uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(session_gid), }; rcu_read_lock(); @@ -2117,6 +2117,8 @@ int handle_notification_thread_command_register_trigger( bool free_trigger = true; struct lttng_evaluation *evaluation = NULL; struct lttng_credentials object_creds; + uid_t object_uid; + gid_t object_gid; enum action_executor_status executor_status; rcu_read_lock(); @@ -2260,13 +2262,13 @@ int handle_notification_thread_command_register_trigger( switch (get_condition_binding_object(condition)) { case LTTNG_OBJECT_TYPE_SESSION: ret = evaluate_session_condition_for_client(condition, state, - &evaluation, &object_creds.uid, - &object_creds.gid); + &evaluation, &object_uid, + &object_gid); break; case LTTNG_OBJECT_TYPE_CHANNEL: ret = evaluate_channel_condition_for_client(condition, state, - &evaluation, &object_creds.uid, - &object_creds.gid); + &evaluation, &object_uid, + &object_gid); break; case LTTNG_OBJECT_TYPE_NONE: ret = 0; @@ -2282,6 +2284,9 @@ int handle_notification_thread_command_register_trigger( goto error_put_client_list; } + LTTNG_OPTIONAL_SET(&object_creds.uid, object_uid); + LTTNG_OPTIONAL_SET(&object_creds.gid, object_gid); + DBG("Newly registered trigger's condition evaluated to %s", evaluation ? "true" : "false"); if (!evaluation) { @@ -3582,11 +3587,15 @@ int send_evaluation_to_clients(const struct lttng_trigger *trigger, struct notification_thread_state *state, uid_t object_uid, gid_t object_gid) { + const struct lttng_credentials creds = { + .uid = LTTNG_OPTIONAL_INIT_VALUE(object_uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(object_gid), + }; + return notification_client_list_send_evaluation(client_list, lttng_trigger_get_const_condition(trigger), evaluation, lttng_trigger_get_credentials(trigger), - &(struct lttng_credentials){ - .uid = object_uid, .gid = object_gid}, + &creds, client_handle_transmission_status_wrapper, state); } @@ -3693,8 +3702,8 @@ int notification_client_list_send_evaluation( } if (source_object_creds) { - if (client->uid != source_object_creds->uid && - client->gid != source_object_creds->gid && + if (client->uid != lttng_credentials_get_uid(source_object_creds) && + client->gid != lttng_credentials_get_gid(source_object_creds) && client->uid != 0) { /* * Client is not allowed to monitor this @@ -3705,7 +3714,7 @@ int notification_client_list_send_evaluation( } } - if (client->uid != trigger_creds->uid && client->gid != trigger_creds->gid) { + if (client->uid != lttng_credentials_get_uid(trigger_creds) && client->gid != lttng_credentials_get_gid(trigger_creds)) { DBG("[notification-thread] Skipping client at it does not have the permission to receive notification for this trigger"); goto skip_client; } @@ -3894,8 +3903,8 @@ int handle_notification_thread_channel_sample( } channel_creds = (typeof(channel_creds)) { - .uid = channel_info->session_info->uid, - .gid = channel_info->session_info->gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(channel_info->session_info->uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(channel_info->session_info->gid), }; trigger_list = caa_container_of(node, struct lttng_channel_trigger_list, diff --git a/src/bin/lttng-sessiond/rotate.c b/src/bin/lttng-sessiond/rotate.c index 813a1a0dc..097da860a 100644 --- a/src/bin/lttng-sessiond/rotate.c +++ b/src/bin/lttng-sessiond/rotate.c @@ -47,8 +47,8 @@ int subscribe_session_consumed_size_rotation(struct ltt_session *session, uint64 enum lttng_notification_channel_status nc_status; struct lttng_action *action; const struct lttng_credentials session_creds = { - .uid = session->uid, - .gid = session->gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(session->uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(session->gid), }; session->rotate_condition = lttng_condition_session_consumed_size_create(); diff --git a/src/bin/lttng-sessiond/session.c b/src/bin/lttng-sessiond/session.c index f8134f8ad..a4d116339 100644 --- a/src/bin/lttng-sessiond/session.c +++ b/src/bin/lttng-sessiond/session.c @@ -574,8 +574,8 @@ struct lttng_trace_chunk *session_create_new_trace_chunk( const char *base_path; struct lttng_directory_handle *session_output_directory = NULL; const struct lttng_credentials session_credentials = { - .uid = session->uid, - .gid = session->gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(session->uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(session->gid), }; uint64_t next_chunk_id; const struct consumer_output *output; diff --git a/src/bin/lttng-sessiond/ust-app.c b/src/bin/lttng-sessiond/ust-app.c index c332f5c75..1f2d4238e 100644 --- a/src/bin/lttng-sessiond/ust-app.c +++ b/src/bin/lttng-sessiond/ust-app.c @@ -245,7 +245,7 @@ static struct ust_registry_session *get_session_registry( { struct buffer_reg_uid *reg_uid = buffer_reg_uid_find( ua_sess->tracing_id, ua_sess->bits_per_long, - ua_sess->real_credentials.uid); + lttng_credentials_get_uid(&ua_sess->real_credentials)); if (!reg_uid) { goto error; } @@ -1847,10 +1847,10 @@ static void shadow_copy_session(struct ust_app_session *ua_sess, ua_sess->tracing_id = usess->id; ua_sess->id = get_next_session_id(); - ua_sess->real_credentials.uid = app->uid; - ua_sess->real_credentials.gid = app->gid; - ua_sess->effective_credentials.uid = usess->uid; - ua_sess->effective_credentials.gid = usess->gid; + LTTNG_OPTIONAL_SET(&ua_sess->real_credentials.uid, app->uid); + LTTNG_OPTIONAL_SET(&ua_sess->real_credentials.gid, app->gid); + LTTNG_OPTIONAL_SET(&ua_sess->effective_credentials.uid, usess->uid); + LTTNG_OPTIONAL_SET(&ua_sess->effective_credentials.gid, usess->gid); ua_sess->buffer_type = usess->buffer_type; ua_sess->bits_per_long = app->bits_per_long; @@ -1872,7 +1872,7 @@ static void shadow_copy_session(struct ust_app_session *ua_sess, case LTTNG_BUFFER_PER_UID: ret = snprintf(ua_sess->path, sizeof(ua_sess->path), DEFAULT_UST_TRACE_UID_PATH, - ua_sess->real_credentials.uid, + lttng_credentials_get_uid(&ua_sess->real_credentials), app->bits_per_long); break; default: @@ -1995,8 +1995,9 @@ static int setup_buffer_reg_pid(struct ust_app_session *ua_sess, app->uint64_t_alignment, app->long_alignment, app->byte_order, app->version.major, app->version.minor, reg_pid->root_shm_path, reg_pid->shm_path, - ua_sess->effective_credentials.uid, - ua_sess->effective_credentials.gid, ua_sess->tracing_id, + lttng_credentials_get_uid(&ua_sess->effective_credentials), + lttng_credentials_get_gid(&ua_sess->effective_credentials), + ua_sess->tracing_id, app->uid); if (ret < 0) { /* @@ -2887,8 +2888,9 @@ static int create_channel_per_uid(struct ust_app *app, notification_ret = notification_thread_command_add_channel( notification_thread_handle, session->name, - ua_sess->effective_credentials.uid, - ua_sess->effective_credentials.gid, ua_chan->name, + lttng_credentials_get_uid(&ua_sess->effective_credentials), + lttng_credentials_get_gid(&ua_sess->effective_credentials), + ua_chan->name, ua_chan->key, LTTNG_DOMAIN_UST, ua_chan->attr.subbuf_size * ua_chan->attr.num_subbuf); if (notification_ret != LTTNG_OK) { @@ -2987,8 +2989,9 @@ static int create_channel_per_pid(struct ust_app *app, cmd_ret = notification_thread_command_add_channel( notification_thread_handle, session->name, - ua_sess->effective_credentials.uid, - ua_sess->effective_credentials.gid, ua_chan->name, + lttng_credentials_get_uid(&ua_sess->effective_credentials), + lttng_credentials_get_gid(&ua_sess->effective_credentials), + ua_chan->name, ua_chan->key, LTTNG_DOMAIN_UST, ua_chan->attr.subbuf_size * ua_chan->attr.num_subbuf); if (cmd_ret != LTTNG_OK) { @@ -5965,10 +5968,8 @@ enum lttng_error_code ust_app_snapshot_record( ua_chan, node.node) { status = consumer_snapshot_channel(socket, ua_chan->key, output, 0, - ua_sess->effective_credentials - .uid, - ua_sess->effective_credentials - .gid, + lttng_credentials_get_uid(&ua_sess->effective_credentials), + lttng_credentials_get_gid(&ua_sess->effective_credentials), &trace_path[consumer_path_offset], wait, nb_packets_per_stream); switch (status) { @@ -5988,8 +5989,8 @@ enum lttng_error_code ust_app_snapshot_record( } status = consumer_snapshot_channel(socket, registry->metadata_key, output, 1, - ua_sess->effective_credentials.uid, - ua_sess->effective_credentials.gid, + lttng_credentials_get_uid(&ua_sess->effective_credentials), + lttng_credentials_get_gid(&ua_sess->effective_credentials), &trace_path[consumer_path_offset], wait, 0); switch (status) { case LTTNG_OK: @@ -6345,10 +6346,8 @@ enum lttng_error_code ust_app_rotate_session(struct ltt_session *session) ua_chan, node.node) { ret = consumer_rotate_channel(socket, ua_chan->key, - ua_sess->effective_credentials - .uid, - ua_sess->effective_credentials - .gid, + lttng_credentials_get_uid(&ua_sess->effective_credentials), + lttng_credentials_get_gid(&ua_sess->effective_credentials), ua_sess->consumer, /* is_metadata_channel */ false); if (ret < 0) { @@ -6364,8 +6363,8 @@ enum lttng_error_code ust_app_rotate_session(struct ltt_session *session) (void) push_metadata(registry, usess->consumer); ret = consumer_rotate_channel(socket, registry->metadata_key, - ua_sess->effective_credentials.uid, - ua_sess->effective_credentials.gid, + lttng_credentials_get_uid(&ua_sess->effective_credentials), + lttng_credentials_get_gid(&ua_sess->effective_credentials), ua_sess->consumer, /* is_metadata_channel */ true); if (ret < 0) { diff --git a/src/bin/lttng-sessiond/ust-consumer.c b/src/bin/lttng-sessiond/ust-consumer.c index 25dc7ed1c..70e3d1658 100644 --- a/src/bin/lttng-sessiond/ust-consumer.c +++ b/src/bin/lttng-sessiond/ust-consumer.c @@ -151,7 +151,7 @@ static int ask_channel_creation(struct ust_app_session *ua_sess, ua_chan->tracefile_count, ua_sess->id, ua_sess->output_traces, - ua_sess->real_credentials.uid, + lttng_credentials_get_uid(&ua_sess->real_credentials), ua_chan->attr.blocking_timeout, root_shm_path, shm_path, trace_chunk, diff --git a/src/common/compat/directory-handle.c b/src/common/compat/directory-handle.c index 356376ac0..a66d768e8 100644 --- a/src/common/compat/directory-handle.c +++ b/src/common/compat/directory-handle.c @@ -1019,8 +1019,9 @@ int lttng_directory_handle_create_subdirectory_as_user( ret = create_directory_check_exists(handle, subdirectory, mode); } else { - ret = _run_as_mkdir(handle, subdirectory, - mode, creds->uid, creds->gid); + ret = _run_as_mkdir(handle, subdirectory, mode, + lttng_credentials_get_uid(creds), + lttng_credentials_get_gid(creds)); } return ret; @@ -1040,7 +1041,7 @@ int lttng_directory_handle_create_subdirectory_recursive_as_user( subdirectory_path, mode); } else { ret = _run_as_mkdir_recursive(handle, subdirectory_path, - mode, creds->uid, creds->gid); + mode, lttng_credentials_get_uid(creds), lttng_credentials_get_gid(creds)); } return ret; @@ -1081,7 +1082,7 @@ int lttng_directory_handle_open_file_as_user( mode); } else { ret = _run_as_open(handle, filename, flags, mode, - creds->uid, creds->gid); + lttng_credentials_get_uid(creds), lttng_credentials_get_gid(creds)); } return ret; } @@ -1108,7 +1109,7 @@ int lttng_directory_handle_unlink_file_as_user( /* Run as current user. */ ret = lttng_directory_handle_unlink(handle, filename); } else { - ret = _run_as_unlink(handle, filename, creds->uid, creds->gid); + ret = _run_as_unlink(handle, filename, lttng_credentials_get_uid(creds), lttng_credentials_get_gid(creds)); } return ret; } @@ -1149,7 +1150,7 @@ int lttng_directory_handle_rename_as_user( old_name, new_handle, new_name); } else { ret = _run_as_rename(old_handle, old_name, new_handle, - new_name, creds->uid, creds->gid); + new_name, lttng_credentials_get_uid(creds), lttng_credentials_get_gid(creds)); } return ret; } @@ -1175,7 +1176,7 @@ int lttng_directory_handle_remove_subdirectory_as_user( /* Run as current user. */ ret = lttng_directory_handle_rmdir(handle, name); } else { - ret = _run_as_rmdir(handle, name, creds->uid, creds->gid); + ret = _run_as_rmdir(handle, name, lttng_credentials_get_uid(creds), lttng_credentials_get_gid(creds)); } return ret; } @@ -1409,8 +1410,8 @@ int lttng_directory_handle_remove_subdirectory_recursive_as_user( /* Run as current user. */ ret = remove_directory_recursive(handle, name, flags); } else { - ret = _run_as_rmdir_recursive(handle, name, creds->uid, - creds->gid, flags); + ret = _run_as_rmdir_recursive(handle, name, lttng_credentials_get_uid(creds), + lttng_credentials_get_gid(creds), flags); } return ret; } diff --git a/src/common/credentials.c b/src/common/credentials.c index dc1bdd89f..589ffabc2 100644 --- a/src/common/credentials.c +++ b/src/common/credentials.c @@ -9,15 +9,60 @@ #include #include "credentials.h" -bool lttng_credentials_is_equal(const struct lttng_credentials *a, +uid_t lttng_credentials_get_uid(const struct lttng_credentials *creds) +{ + return LTTNG_OPTIONAL_GET(creds->uid); +} + +gid_t lttng_credentials_get_gid(const struct lttng_credentials *creds) +{ + return LTTNG_OPTIONAL_GET(creds->gid); +} + +bool lttng_credentials_is_equal_uid(const struct lttng_credentials *a, const struct lttng_credentials *b) { assert(a); assert(b); - if ((a->uid != b->uid) || (a->gid != b->gid)) { + /* XOR on the is_set value */ + if (!!a->uid.is_set != !!b->uid.is_set) { return false; } - return true; -}; + if (!a->uid.is_set && !b->uid.is_set) { + return true; + } + + /* Both a and b are set. */ + return a->uid.value == b->uid.value; +} + +bool lttng_credentials_is_equal_gid(const struct lttng_credentials *a, + const struct lttng_credentials *b) +{ + assert(a); + assert(b); + + /* XOR on the is_set value */ + if (!!a->gid.is_set != !!b->gid.is_set) { + return false; + } + + if (!a->gid.is_set && !b->gid.is_set) { + return true; + } + + /* Both a and b are set. */ + return a->gid.value == b->gid.value; +} + +bool lttng_credentials_is_equal(const struct lttng_credentials *a, + const struct lttng_credentials *b) +{ + assert(a); + assert(b); + + return lttng_credentials_is_equal_uid(a, b) && + lttng_credentials_is_equal_gid(a, b); +} diff --git a/src/common/credentials.h b/src/common/credentials.h index 9e5fc6260..c0dc6d7f1 100644 --- a/src/common/credentials.h +++ b/src/common/credentials.h @@ -11,11 +11,22 @@ #include #include +#include "optional.h" + struct lttng_credentials { - uid_t uid; - gid_t gid; + LTTNG_OPTIONAL(uid_t) uid; + LTTNG_OPTIONAL(gid_t) gid; }; +uid_t lttng_credentials_get_uid(const struct lttng_credentials *creds); +gid_t lttng_credentials_get_gid(const struct lttng_credentials *creds); + +bool lttng_credentials_is_equal_uid(const struct lttng_credentials *a, + const struct lttng_credentials *b); + +bool lttng_credentials_is_equal_gid(const struct lttng_credentials *a, + const struct lttng_credentials *b); + bool lttng_credentials_is_equal(const struct lttng_credentials *a, const struct lttng_credentials *b); diff --git a/src/common/kernel-consumer/kernel-consumer.c b/src/common/kernel-consumer/kernel-consumer.c index de1a14c21..b9d843714 100644 --- a/src/common/kernel-consumer/kernel-consumer.c +++ b/src/common/kernel-consumer/kernel-consumer.c @@ -1207,8 +1207,8 @@ error_rotate_channel: case LTTNG_CONSUMER_CREATE_TRACE_CHUNK: { const struct lttng_credentials credentials = { - .uid = msg.u.create_trace_chunk.credentials.value.uid, - .gid = msg.u.create_trace_chunk.credentials.value.gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(msg.u.create_trace_chunk.credentials.value.uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(msg.u.create_trace_chunk.credentials.value.gid), }; const bool is_local_trace = !msg.u.create_trace_chunk.relayd_id.is_set; diff --git a/src/common/trace-chunk.c b/src/common/trace-chunk.c index b303607e3..8a8481b5d 100644 --- a/src/common/trace-chunk.c +++ b/src/common/trace-chunk.c @@ -966,8 +966,8 @@ enum lttng_trace_chunk_status lttng_trace_chunk_get_credentials( pthread_mutex_lock(&chunk->lock); if (chunk->credentials.is_set) { if (chunk->credentials.value.use_current_user) { - credentials->uid = geteuid(); - credentials->gid = getegid(); + LTTNG_OPTIONAL_SET(&credentials->uid, geteuid()); + LTTNG_OPTIONAL_SET(&credentials->gid, getegid()); } else { *credentials = chunk->credentials.value.user; } diff --git a/src/common/ust-consumer/ust-consumer.c b/src/common/ust-consumer/ust-consumer.c index 209931f56..1a7de1cfd 100644 --- a/src/common/ust-consumer/ust-consumer.c +++ b/src/common/ust-consumer/ust-consumer.c @@ -409,7 +409,8 @@ static int open_ust_stream_fd(struct lttng_consumer_channel *channel, int cpu, } return run_as_open(shm_path, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR, - session_credentials->uid, session_credentials->gid); + lttng_credentials_get_uid(session_credentials), + lttng_credentials_get_gid(session_credentials)); error_shm_path: return -1; @@ -487,8 +488,10 @@ error_open: ERR("Cannot get stream shm path"); } closeret = run_as_unlink(shm_path, - channel->buffer_credentials.value.uid, - channel->buffer_credentials.value.gid); + lttng_credentials_get_uid(LTTNG_OPTIONAL_GET_PTR( + channel->buffer_credentials)), + lttng_credentials_get_gid(LTTNG_OPTIONAL_GET_PTR( + channel->buffer_credentials))); if (closeret) { PERROR("unlink %s", shm_path); } @@ -497,8 +500,10 @@ error_open: /* Try to rmdir all directories under shm_path root. */ if (channel->root_shm_path[0]) { (void) run_as_rmdir_recursive(channel->root_shm_path, - channel->buffer_credentials.value.uid, - channel->buffer_credentials.value.gid, + lttng_credentials_get_uid(LTTNG_OPTIONAL_GET_PTR( + channel->buffer_credentials)), + lttng_credentials_get_gid(LTTNG_OPTIONAL_GET_PTR( + channel->buffer_credentials)), LTTNG_DIRECTORY_HANDLE_SKIP_NON_EMPTY_FLAG); } free(stream_fds); @@ -1461,8 +1466,8 @@ int lttng_ustconsumer_recv_cmd(struct lttng_consumer_local_data *ctx, struct ustctl_consumer_channel_attr attr; const uint64_t chunk_id = msg.u.ask_channel.chunk_id.value; const struct lttng_credentials buffer_credentials = { - .uid = msg.u.ask_channel.buffer_credentials.uid, - .gid = msg.u.ask_channel.buffer_credentials.gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(msg.u.ask_channel.buffer_credentials.uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(msg.u.ask_channel.buffer_credentials.gid), }; /* Create a plain object and reserve a channel key. */ @@ -2072,8 +2077,8 @@ end_rotate_channel_nosignal: case LTTNG_CONSUMER_CREATE_TRACE_CHUNK: { const struct lttng_credentials credentials = { - .uid = msg.u.create_trace_chunk.credentials.value.uid, - .gid = msg.u.create_trace_chunk.credentials.value.gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(msg.u.create_trace_chunk.credentials.value.uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(msg.u.create_trace_chunk.credentials.value.gid), }; const bool is_local_trace = !msg.u.create_trace_chunk.relayd_id.is_set; @@ -2402,8 +2407,10 @@ void lttng_ustconsumer_del_channel(struct lttng_consumer_channel *chan) ERR("Cannot get stream shm path"); } ret = run_as_unlink(shm_path, - chan->buffer_credentials.value.uid, - chan->buffer_credentials.value.gid); + lttng_credentials_get_uid(LTTNG_OPTIONAL_GET_PTR( + chan->buffer_credentials)), + lttng_credentials_get_gid(LTTNG_OPTIONAL_GET_PTR( + chan->buffer_credentials))); if (ret) { PERROR("unlink %s", shm_path); } @@ -2422,8 +2429,10 @@ void lttng_ustconsumer_free_channel(struct lttng_consumer_channel *chan) /* Try to rmdir all directories under shm_path root. */ if (chan->root_shm_path[0]) { (void) run_as_rmdir_recursive(chan->root_shm_path, - chan->buffer_credentials.value.uid, - chan->buffer_credentials.value.gid, + lttng_credentials_get_uid(LTTNG_OPTIONAL_GET_PTR( + chan->buffer_credentials)), + lttng_credentials_get_gid(LTTNG_OPTIONAL_GET_PTR( + chan->buffer_credentials)), LTTNG_DIRECTORY_HANDLE_SKIP_NON_EMPTY_FLAG); } free(chan->stream_fds); diff --git a/src/common/utils.c b/src/common/utils.c index 2a20e5a8c..bd61fff3d 100644 --- a/src/common/utils.c +++ b/src/common/utils.c @@ -679,8 +679,8 @@ int utils_mkdir(const char *path, mode_t mode, int uid, int gid) int ret; struct lttng_directory_handle *handle; const struct lttng_credentials creds = { - .uid = (uid_t) uid, - .gid = (gid_t) gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(gid), }; handle = lttng_directory_handle_create(NULL); @@ -708,8 +708,8 @@ int utils_mkdir_recursive(const char *path, mode_t mode, int uid, int gid) int ret; struct lttng_directory_handle *handle; const struct lttng_credentials creds = { - .uid = (uid_t) uid, - .gid = (gid_t) gid, + .uid = LTTNG_OPTIONAL_INIT_VALUE(uid), + .gid = LTTNG_OPTIONAL_INIT_VALUE(gid), }; handle = lttng_directory_handle_create(NULL); -- 2.34.1